CyberSec.Space Logo
返回 CVE 浏览器

CVE-2015-5175

HIGH
7.5
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile39.55th
Published2017年6月7日
Last Modified2026年5月13日

Vulnerability Description

Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before 1.2.1 allow remote attackers to cause a denial of service.

Affected Platforms (CPE)

📦
Apache

Cxf Fediz

<= 1.1.2
📦
Apache

Cxf Fediz

= 1.2.0

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2015/08/26/3
🔗 http://www.securityfocus.com/bid/76486
🔗 https://cxf.apache.org/security-advisories.data/CVE-2015-5175.txt.asc?version=1&modificationDate=1440598018000&api=v2
🔗 https://git-wip-us.apache.org/repos/asf?p=cxf-fediz.git%3Ba=commit%3Bh=f65c961ea31e3c1851daba8e7e49fc37bbf77b19
🔗 https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
🔗 https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
🔗 https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
🔗 https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E

相关漏洞威胁

CVE-2016-44649.8

The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values...

CVE-2017-76618.8

Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style R...

CVE-2017-76628.8

Apache CXF Fediz ships with an OpenId Connect (OIDC) service which has a Client Registration Service, which is a simple web applic...

CVE-2017-126318.8

Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style R...